Date: Mon, 21 Sep 2015 08:40:03 -0700 From: Fred Wang <waffle.contest@...il.com> To: john-dev@...ts.openwall.com Subject: Re: Judy array On Sep 21, 2015, at 7:43 AM, Solar Designer <solar@...nwall.com> wrote: > Fred - > > On Mon, Sep 21, 2015 at 05:07:51PM +0300, Solar Designer wrote: >> There are 947 hashes that MDXfind cracked and JtR did not. The >> corresponding passwords are of at least 7 characters long (none are >> shorter than 7). No other obvious pattern yet. I've tested a couple >> against john --stdout for the same wordlist and rules, and they are not >> in there, so at least for these two it's some discrepancy in the >> candidates stream rather than in the hashing or comparisons. One such >> password is noimage. A similar line in the wordlist is geoimagen, >> although there are several other (not so) similar ones. A rotate rule >> might be producing noimage on MDXfind, but somehow not on JtR. > > I figured this out. You implement the 'x' command incorrectly. You > implement it as a "delete" command, but it is an "extract" command. > > Maybe hashcat has the bug too, given that this rule from best64: Yes, hashcat documents it as a "delete": Delete range xNM Deletes M characters, starting at position N x02 p@...0rd ssW0rd * which is how I implemented it. I'm working on the other issue now - more shortly.
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.